package top.archiesean.common.security.config;

import lombok.RequiredArgsConstructor;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
import top.archiesean.common.security.component.CustomBearerTokenResolver;
import top.archiesean.common.security.component.CustomOpaqueTokenIntrospector;
import top.archiesean.common.security.component.PermissionService;
import top.archiesean.common.security.component.ResourceAuthExceptionEntryPoint;
import top.archiesean.common.security.properties.PermitAllUrlProperties;

/**
 * @author ArchieSean
 * @description 自动配置类
 * @date 2024-01-30 18:56
 */
@RequiredArgsConstructor
@EnableConfigurationProperties(PermitAllUrlProperties.class)
public class ResourceServerAutoConfiguration {


    /**
     * 权限判定
     * 使用时，使用security的注解
     *
     * @return PermissionService
     */
    @Bean("ss")
    public PermissionService permissionService() {
        return new PermissionService();
    }

    /**
     * basic 认证token解析
     *
     * @param permitAllUrlProperties 对外暴露的接口列表
     * @return CustomBearerTokenResolver
     */
    @Bean
    public CustomBearerTokenResolver customBearerTokenResolver(PermitAllUrlProperties permitAllUrlProperties) {
        return new CustomBearerTokenResolver(permitAllUrlProperties);
    }


    /**
     * 资源服务器 认证异常统一处理端点
     *
     * @return ResourceAuthExceptionEntryPoint
     */
    @Bean
    public ResourceAuthExceptionEntryPoint resourceAuthExceptionEntryPoint() {
        return new ResourceAuthExceptionEntryPoint();
    }

    /**
     * 资源服务器token内省处理器
     *
     * @param oAuth2AuthorizationService token存储服务，此处最终调用的是自定义的token存储服务
     * @return OpaqueTokenIntrospector
     */
    @Bean
    public OpaqueTokenIntrospector opaqueTokenIntrospector(OAuth2AuthorizationService oAuth2AuthorizationService) {
        return new CustomOpaqueTokenIntrospector(oAuth2AuthorizationService);
    }



}
